---

Home Security

Mandrake Linux Advisory: kdebase

By

Mandrake Linux Security Update Advisory

Package name: kdebase
Advisory ID: MDKSA-2003:091
Date: September 16th, 2003
Affected versions: 9.0, 9.1, Corporate Server 2.1

Problem Description:

A vulnerability was discovered in all versions of KDE 2.2.0 up
to and including 3.1.3. KDM does not check for successful
completion of the pam_setcred() call and in the case of error
conditions in the installed PAM modules, KDM may grant local root
access to any user with valid login credentials. It has been
reported to the KDE team that a certain configuration of the MIT
pam_krb5 module can result in a failing pam_setcred() call which
leaves the session alive and would provide root access to any
regular user. It is also possible that this vulnerability can
likewise be exploited with other PAM modules in a similar
manner.

Another vulnerability was discovered in kdm where the cookie
session generating algorithm was considered too weak to supply a
full 128 bits of entropy. This allowed unauthorized users to
brute-force the session cookie.

mdkkdm, a specialized version of kdm, is likewise vulnerable to
these problems and has been patched as well.

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0690

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0692

http://www.kde.org/info/security/advisory-20030916-1.txt


http://cert.uni-stuttgart.de/archive/suse/security/2002/12/msg00101.html

Updated Packages:

Corporate Server 2.1:
b16612d8f4e68781cecaf9d32e12c50c
corporate/2.1/RPMS/kdebase-3.0.5a-1.4mdk.i586.rpm
a80f6c8029c536d59f92fcf7bcf1abd5
corporate/2.1/RPMS/kdebase-devel-3.0.5a-1.4mdk.i586.rpm
ae02c014e1994c25a1ee23a7eee8095c
corporate/2.1/RPMS/kdebase-nsplugins-3.0.5a-1.4mdk.i586.rpm
f9ebdbc69440ca1d11fcd5653f8173d6
corporate/2.1/SRPMS/kdebase-3.0.5a-1.4mdk.src.rpm

Corporate Server 2.1/x86_64:
cf6fbbfee865b54584632655fa019ee3
x86_64/corporate/2.1/RPMS/kdebase-3.0.5-2.2mdk.x86_64.rpm
08867a45c5be3c48bbd4c93ced0b6ebb
x86_64/corporate/2.1/RPMS/kdebase-devel-3.0.5-2.2mdk.x86_64.rpm
cf53476849eb402be28d6a52ac86a218
x86_64/corporate/2.1/RPMS/kdebase-nsplugins-3.0.5-2.2mdk.x86_64.rpm

a1ee293f258c76a720310183f0c4dda4
x86_64/corporate/2.1/SRPMS/kdebase-3.0.5-2.2mdk.src.rpm

Mandrake Linux 9.0:
b16612d8f4e68781cecaf9d32e12c50c
9.0/RPMS/kdebase-3.0.5a-1.4mdk.i586.rpm
a80f6c8029c536d59f92fcf7bcf1abd5
9.0/RPMS/kdebase-devel-3.0.5a-1.4mdk.i586.rpm
ae02c014e1994c25a1ee23a7eee8095c
9.0/RPMS/kdebase-nsplugins-3.0.5a-1.4mdk.i586.rpm
f9ebdbc69440ca1d11fcd5653f8173d6
9.0/SRPMS/kdebase-3.0.5a-1.4mdk.src.rpm

Mandrake Linux 9.1:
06423402c174ef11a64bd0ed44c4a624
9.1/RPMS/kdebase-3.1-83.5mdk.i586.rpm
bfa3c991495ec60d87858cd1563353ab
9.1/RPMS/kdebase-devel-3.1-83.5mdk.i586.rpm
cfef59c2e6d2c0faf7469ab2d036e091
9.1/RPMS/kdebase-kdm-3.1-83.5mdk.i586.rpm
ab122d6e7931a96d239e0aa6db401ffa
9.1/RPMS/kdebase-nsplugins-3.1-83.5mdk.i586.rpm
dbcedf83b6ed92afb8d30bdf54ec38d5
9.1/RPMS/mdkkdm-9.1-24.2mdk.i586.rpm
dc8f0c5f34088514900266eeaeff63bb
9.1/SRPMS/kdebase-3.1-83.5mdk.src.rpm
d5c82813906df0100a099e10a030672b
9.1/SRPMS/mdkkdm-9.1-24.2mdk.src.rpm

Mandrake Linux 9.1/PPC:
a34824fd162a8ce79258c4db2f2c2d56
ppc/9.1/RPMS/kdebase-3.1-83.5mdk.ppc.rpm
2f3bb4c00a78faa0792dd0353b6e09f2
ppc/9.1/RPMS/kdebase-devel-3.1-83.5mdk.ppc.rpm
818e187fcc9328683fd8e33044c43a78
ppc/9.1/RPMS/kdebase-kdm-3.1-83.5mdk.ppc.rpm
63a508bdfc7040697fd200c9f580204b
ppc/9.1/RPMS/kdebase-nsplugins-3.1-83.5mdk.ppc.rpm
499cd7d3f1e4cc7b1276c0f9eed1c0cf
ppc/9.1/RPMS/mdkkdm-9.1-24.2mdk.ppc.rpm
dc8f0c5f34088514900266eeaeff63bb
ppc/9.1/SRPMS/kdebase-3.1-83.5mdk.src.rpm
d5c82813906df0100a099e10a030672b
ppc/9.1/SRPMS/mdkkdm-9.1-24.2mdk.src.rpm

Bug IDs fixed (see https://qa.mandrakesoft.com for
more information):

To upgrade automatically, use MandrakeUpdate or urpmi. The
verification of md5 checksums and GPG signatures is performed
automatically for you.

A list of FTP mirrors can be obtained from:

http://www.mandrakesecure.net/en/ftp.php

All packages are signed by MandrakeSoft for security. You can
obtain the GPG public key of the Mandrake Linux Security Team by
executing:

gpg –recv-keys –keyserver www.mandrakesecure.net
0x22458A98

Please be aware that sometimes it takes the mirrors a few hours
to update.

You can view other update advisories for Mandrake Linux at:

http://www.mandrakesecure.net/en/advisories/

MandrakeSoft has several security-related mailing list services
that anyone can subscribe to. Information on these lists can be
obtained by visiting:

http://www.mandrakesecure.net/en/mlist.php

If you want to report vulnerabilities, please contact

security_linux-mandrake.com

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Linux Mandrake Security Team <security
linux-mandrake.com>

Get the Free Newsletter!

Subscribe to Developer Insider for top news, trends, & analysis

Must Read

LinuxToday is a trusted, contributor-driven news resource supporting all types of Linux users. Our thriving international community engages with us through social media and frequent content contributions aimed at solving problems ranging from personal computing to enterprise-level IT operations. LinuxToday serves as a home for a community that struggles to find comparable information elsewhere on the web.

Our Brands

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.